search

zorn-v / nextcloud-social-login

GNU Affero General Public License v3.0
198 stars 137 forks source link

Logins failing internal server error #401

Open dillfrescott opened 1 year ago

dillfrescott commented 1 year ago

Argument #1 ($string) must be of type string, null given in file

Is the only real thing in the logs that I could find. I am using nextcloud version 26

wuan commented 1 year ago

Same here. The error started after upgrading to Nextcloud 26. Using the custom_oidc login against Keycloak.

{
  "reqId": "QzkVxVQMgpgtkGpEheeJ",
  "level": 3,
  "time": "2023-03-23TXX:XX:XX+XX:00",
  "remoteAddr": "XXX.XXX.XX.XXX",
  "user": "--",
  "app": "index",
  "method": "GET",
  "url": "/apps/sociallogin/custom_oidc/XXXX?state=HA-8ZH0QS96KF2E3PG4J7XWIVDMLY5UOB1NRCTA&session_state=98ced636-d946-444c-87c2-50248cb4a67c&code=7db21886-997f-494d-b8b6-bc756bd938ee.98ced636-d946-444c-87c2-50248cb4a67c.32213038-6dbc-4749-9891-c51c9792d478",
  "message": "sha1(): Argument #1 ($string) must be of type string, null given in file '/var/www/cloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php' line 116",
  "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/112.0",
  "version": "26.0.0.11",
  "exception": {
    "Exception": "Exception",
    "Message": "sha1(): Argument #1 ($string) must be of type string, null given in file '/var/www/cloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php' line 116",
    "Code": 0,
    "Trace": [
      {
        "file": "/var/www/cloud/lib/private/AppFramework/App.php",
        "line": 183,
        "function": "dispatch",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->"
      },
      {
        "file": "/var/www/cloud/lib/private/Route/Router.php",
        "line": 315,
        "function": "main",
        "class": "OC\\AppFramework\\App",
        "type": "::"
      },
      {
        "file": "/var/www/cloud/lib/base.php",
        "line": 1055,
        "function": "match",
        "class": "OC\\Route\\Router",
        "type": "->"
      },
      {
        "file": "/var/www/cloud/index.php",
        "line": 36,
        "function": "handleRequest",
        "class": "OC",
        "type": "::"
      }
    ],
    "File": "/var/www/cloud/lib/private/AppFramework/Http/Dispatcher.php",
    "Line": 169,
    "Previous": {
      "Exception": "TypeError",
      "Message": "sha1(): Argument #1 ($string) must be of type string, null given",
      "Code": 0,
      "Trace": [
        {
          "file": "/var/www/cloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php",
          "line": 116,
          "function": "sha1"
        },
        {
          "file": "/var/www/cloud/lib/private/Authentication/Token/Manager.php",
          "line": 69,
          "function": "generateToken",
          "class": "OC\\Authentication\\Token\\PublicKeyTokenProvider",
          "type": "->",
          "args": [
            "*** sensitive parameters replaced ***"
          ]
        },
        {
          "file": "/var/www/cloud/lib/private/User/Session.php",
          "line": 686,
          "function": "generateToken",
          "class": "OC\\Authentication\\Token\\Manager",
          "type": "->",
          "args": [
            "*** sensitive parameters replaced ***"
          ]
        },
        {
          "file": "/var/www/cloud/apps/sociallogin/lib/Service/ProviderService.php",
          "line": 569,
          "function": "createSessionToken",
          "class": "OC\\User\\Session",
          "type": "->",
          "args": [
            "*** sensitive parameters replaced ***"
          ]
        },
        {
          "file": "/var/www/cloud/apps/sociallogin/lib/Service/ProviderService.php",
          "line": 433,
          "function": "login",
          "class": "OCA\\SocialLogin\\Service\\ProviderService",
          "type": "->",
          "args": [
            "*** sensitive parameters replaced ***"
          ]
        },
        {
          "file": "/var/www/cloud/apps/sociallogin/lib/Service/ProviderService.php",
          "line": 293,
          "function": "auth",
          "class": "OCA\\SocialLogin\\Service\\ProviderService",
          "type": "->"
        },
        {
          "file": "/var/www/cloud/apps/sociallogin/lib/Controller/LoginController.php",
          "line": 41,
          "function": "handleCustom",
          "class": "OCA\\SocialLogin\\Service\\ProviderService",
          "type": "->"
        },
        {
          "file": "/var/www/cloud/lib/private/AppFramework/Http/Dispatcher.php",
          "line": 230,
          "function": "custom",
          "class": "OCA\\SocialLogin\\Controller\\LoginController",
          "type": "->"
        },
        {
          "file": "/var/www/cloud/lib/private/AppFramework/Http/Dispatcher.php",
          "line": 137,
          "function": "executeController",
          "class": "OC\\AppFramework\\Http\\Dispatcher",
          "type": "->"
        },
        {
          "file": "/var/www/cloud/lib/private/AppFramework/App.php",
          "line": 183,
          "function": "dispatch",
          "class": "OC\\AppFramework\\Http\\Dispatcher",
          "type": "->"
        },
        {
          "file": "/var/www/cloud/lib/private/Route/Router.php",
          "line": 315,
          "function": "main",
          "class": "OC\\AppFramework\\App",
          "type": "::"
        },
        {
          "file": "/var/www/cloud/lib/base.php",
          "line": 1055,
          "function": "match",
          "class": "OC\\Route\\Router",
          "type": "->"
        },
        {
          "file": "/var/www/cloud/index.php",
          "line": 36,
          "function": "handleRequest",
          "class": "OC",
          "type": "::"
        }
      ],
      "File": "/var/www/cloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php",
      "Line": 116
    },
    "CustomMessage": "--"
  }
}
zorn-v commented 1 year ago

Seems it is more related to nextcloud itself. Default null from createSessionToken leak down to generateToken and passed to sha1 standard function. And seems in nextcloud master it is already fixed ($password !== null check) https://github.com/nextcloud/server/blob/97b8e6d2a388cd08bd83ee08b1d322b9e813387a/lib/private/Authentication/Token/PublicKeyTokenProvider.php#L116

Just wait next nextcloud version.

wuan commented 1 year ago

Can confirm that. Applying the fix from https://github.com/nextcloud/server/pull/37192/commits/6881d2f2f15976514cc52d6ea49ff09c5bb81d2b helped.

JoeHaenf commented 12 months ago

Hi, I get a 503 internal server error when trying to authenticate an app (windows desktop). Login to the Nextcloud website works perfectly. We also use a Custom OIDC provider. The server logs at this timestamp show a "login exception" because of an expired password.

For me this smells like the same problem you described above, but I am not that experienced.

What do you guys think? Are there more logs I should check? (I have limited possibilities because we use a hosted Nextcloud)

Screenshot 2023-07-06 194301